I'm looking for

Job Description

Our ‘Risk Analytics’ capability sits within Technology Risk Consulting, but works across all our functions, i.e. across Audit, Tax and Advisory. Risk Analytics delivers a large amount of assurance and advisory work in helping clients get more value out of their Enterprise Resource Planning (ERP) Business Management systems, specifically SAP, Oracle as well as GRC and/or data analytical solutions on top of the ERP.

Our projects include extracting, analysing and visualising data from our clients ERP systems to support audit and advisory engagements covering: process control, process & control optimisation, robotics, security, and ERP related GRC services. This work is delivered through stand-alone assignments, or as part of external and internal audit, or wider advisory engagements.

An Analytics Manager with a focus on ERP analytics would typically be responsible for ensuring the quality, value and timely delivery of a significant pipeline of engagements. This will include supporting delivery of the high demand for data and analytics for some of our largest and most complex controls transformation and automation programs, but also supporting wider Consulting, Tax and Audit projects.

Alongside this, you would be responsible for driving growth of the Risk Analytics capability by developing new business from existing clients across the firm, as well as from new prospects.

As an Assistant Manager, you will join our Risk Analytics leadership team and hence also get involved in product development and innovation activities, to ensure that KPMG’s Risk Analytics capability remains market leading on a global scale, as well as the development of our Risk Analytics people.

This role requires specific functional ERP (SAP and/or Oracle) and data analytics (and/or GRC) experience, delivering ERP process controls, data analytics, assurance and advisory services. The successful candidate will be involved in client facing and client relationship building across of range of corporate clients.

Roles & Responsibilities

This will include some or all of the following:
• Audit and advise clients that operate SAP and/or Oracle systems including GRC;
• Advise clients on building and enhancing their own ERP and Assurance data analytics capability;
• Delivery lead / SME on SAP/ Oracle/ GRC control and/or data analytics engagements;
• SME in implementing analytics and GRC solutions (e.g. for Continuous Controls Monitoring and Segregation of Duties solutions);
• Assist clients in automating their controls using emerging technologies such as RPA, AI and scripting;
• Support build of a Cloud based in-house analytics platform/ solution;
• Delivery lead / SME on SAP/ Oracle/ GRC control and/or data analytics engagements;
• Building and managing excellent client relationships across a range of clients;
• Developing internal networks and maintaining excellent relationships with colleagues across KPMG, but in particular in the wider Advisory areas;
• Contributing to practice management, e.g. innovation, training, knowledge management;
• A good understanding of SAP, Oracle, data analytics and/or GRC technology platforms;
• Ability to identify and assess complex ERP risks and controls, to relate them to the wider business environment and to express clear views;
• Writing summary findings and preparing client documents to a high standard.

Experience and Skills

A combination of the following:
• Proven experience of successfully delivering SAP/ Oracle business process, security, control, data analytics and GRC services (including external/ internal audit) to medium/ large, multi-national clients. Including, for example, experience in Oil & Gas, Retail, Fast Moving Consumer Goods, Utilities and Life Sciences sectors;
• Good understanding of Finance and HR processes (e.g. Record to Report, Procure to Pay, Order to Cash);
• Auditing and advising clients that operate SAP/ Oracle ERP Systems;
• Business process and functional experience of key SAP/ Oracle Financials modules, ideally including SAP HANA and/or Oracle Fusion Cloud database structures;
• Functional experience of GRC, Financials, BPC and BI;
• Experience of design, build and delivery of data analytics related capabilities, including:
- data extraction and processing (i.e. ETL);
- design and build of data analysis routines;
- design and build of data visualisation formats;
- interpretation of data analytics results, and ability to derive insightful and quantifiable business insights using data analytics outputs;
- identifying root causes to detected exceptions and translating these to actionable recommendations, e.g. ERP process or system changes;
- integration into a suitable IT infrastructure, including architecture design and system configuration
• Experience of using data analysis tools in an ERP environment, e.g. SQL (MS and Oracle), R, Python, Alteryx, Celonis, Qlik, PowerBI, Tableau;
• Experience of automation and robotics technologies, e.g. UIPath, Automation Anywhere, MS Power Apps, Appian (or other low code);
• Experience of process mining and visualisation technologies over SAP and/or Oracle such as Celonis;
• Experience of preparing exception reports, advisory documentation and presentations to a high standard;
• Experience of successfully winning and delivering technology risk services, including analytics demonstrations;
• “Big 4” professional services or dynamic IT Consultancy environment experience;
• Supporting service line through innovation and knowledge management.

Qualifications

• SAP/ Oracle certifications (desirable);
• Data analytics tools certifications (desirable);
• Certifications in GRC and Automation tools (desirable);
• Accounting Audit Qualifications: ACA or equivalent (desirable);
• IT Assurance Qualification CISA or equivalent (desirable);
• Preferably degree educated (Data Science or similar) or proven commercially demonstrated experience.

Using a wide variety of technical and sector-specific skills, KPMG's Risk & RDT Consulting group proactively helps transform clients to increase profits whilst reducing reputational, operational, financial and other risks. We are experienced in managing diverse issues including fraud, regulatory compliance, risk frameworks and modelling, capital efficiency, governance, dispute resolution, deriving value from contracts and much more.
Connected Technology - Our clients need to deal effectively with technology related risks and derive maximum value from automation, data and digital technology. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.
Job Description:
Joining KPMG means joining a talented team of exceptional colleagues who bring innovative thoughts and a natural curiosity to the work they do each day. No one type of person succeeds at KPMG; a diverse business requires diverse personalities, characters and perspectives. There really is a place for you here.
Within Connected Technology Risk, our Powered team perform a large amount of our work implementing ServiceNow IRM / GRC, Vendor Risk, SecOps and Resilience solutions and providing advice to clients on their GRC journey.

The Team

Our GRC projects include delivery of business cases, roadmaps, system remediation work, process re-design, implementing IRM solutions, data analysis, security solutions, compliance management and continuous controls monitoring. This work is delivered through stand-alone assignments, or as part of broader transformation programmes.
This role requires ServiceNow GRC process, functional and technical knowledge with good grasp of business processes, delivering projects and assurance services. Exposure to use of GRC tools and technology both from functional and technical perspective is essential. The successful candidate will be involved in client facing and client relationship building across a range of corporate and FS clients.

The Role

• Lead multiple client ServiceNow IRM / GRC engagements.
• Responsibility for the overall output from ServiceNow IRM / GRC client engagements. This includes providing services to implement GRC and transform client’s operation covering core areas namely risk management, regulatory management, cyber / secops, resilience, continuity, controls monitoring and access control.
• Understand GRC related client issues across different sectors e.g. Banking, Insurance, Asset Management.
• A deep understanding of the ServiceNow IRM / GRC technology platform, both functionally and technically
• Work as part of an onshore and offshore team to deliver client engagements, taking ownership for one or more workstreams
• Knowledge of other GRC platforms and their strengths and weaknesses e.g. ServiceNow, Bwise, Metricstream, Archer, Thomson Reuters.
• Scoping, financial management, managing delivery risk, production and review of deliverables.
• Building and managing excellent client relationships across a range of clients.
• Developing internal networks and maintaining excellent relationships with colleagues across KPMG.
• Contributing to innovation and practice management, e.g. new services, training, knowledge management.
• Coaching and developing team members both as part of our overall Performance Management process or on specific engagements.
• Ability to identify and assess complex GRC programmes, to relate them to the wider business environment and to express opinions clearly to all levels.

The Person

A combination of the following:
• Proven experience of successfully architecting, integrating, managing and delivering ServiceNow GRC services (including implementations, creating business cases and roadmaps, assurance reviews and maturity assessments) to medium/large, multi-national clients.
• Strong knowledge of IT risk and controls
• Experience in implementing GRC solutions for risk, controls, compliance, third party risk, cyber and security areas
• Understand the waterfall and agile methodologies for implementing ServiceNow IRM and the deliverables required at each stage
• Experience in certain key sectors e.g. Banking, Insurance and Asset Management
• Ability to align client and sector specific issues to our GRC services.
• Delivered or involved in a number of enterprise risk management engagements which have included a technology workstream and implementation.
• Experience in transformation and business change programmes.
• Advising clients that operate GRC solutions on business benefits, solution fit and typical challenges.
• Experience of key GRC solutions (for example ServiceNow, Bwise, Metricstream, Archer, Thomson Reuters).
• Process expertise in GRC areas e.g. IT risk management, compliance & regulation, controls automation, continuous controls monitoring and security.
• Experience of using GRC related data analysis tools.
• Familiarity with regulatory compliance models and standards.
• Great relationship/stakeholder management skills at all levels.
• Proven communication and presentation skills.
• Proven experience of successfully delivering technology risk services.
• “Big 4” professional services or dynamic IT consultancy environment experience.

Qualifications

Certified Implementation Specialist – Risk & Compliance
Certified Implementation Specialist – Vendor Risk (Desirable)
Prince II or PMI qualified (Desirable)
Degree/masters qualification in IT (Desirable)
Demonstrated commercial experience in
• GRC Solution Certifications (Desirable)
• IT Assurance Qualifications CISA (Desirable)

Using a wide variety of technical and sector-specific skills, KPMG's Risk and RDT Consulting group proactively helps transform clients to increase profits whilst reducing reputational, operational, financial and other risks. We are experienced in managing diverse issues including fraud, regulatory compliance, risk frameworks and modelling, capital efficiency, corporate governance, dispute resolution, deriving value from contracts and much more.
Technology - Our clients need to deal effectively with technology related risks and derive maximum value from automation, data and digital technology. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.

Using a wide variety of technical and sector-specific skills, KPMG's Risk and RDT Consulting group proactively helps transform clients to increase profits whilst reducing reputational, operational, financial and other risks. We are experienced in managing diverse issues including fraud, regulatory compliance, risk frameworks and modelling, capital efficiency, corporate governance, dispute resolution, deriving value from contracts and much more.
Technology - Our clients need to deal effectively with technology related risks and derive maximum value from automation, data and digital technology. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.

The Team

Joining KPMG means joining a talented team of exceptional colleagues who bring innovative thoughts and a natural curiosity to the work they do each day. No one type of person succeeds at KPMG; a diverse business requires diverse personalities, characters and perspectives. There really is a place for you here.
The Team:
Technology Risk Consulting is a rapidly growing department. Our services are of both an assurance and advisory nature and include IT Security and Risk Management, IT Internal Audit, 3rd Party risk, ERP Controls and Risk and Controls Transformation.
Within the Technology Risk Consulting team, a large amount of our work involves providing assurance, advice and attestation to clients on their IT systems and processes, IT risks, IT general controls and IT projects.

The Role

• Help our clients navigate through complex risk and control requirements in highly regulated environments (particularly Sarbanes-Oxley)
• Provide advice on risk management, IT transformation and IT audit for our clients
• Supporting managers to deliver large, complex engagements
• Developing constructive client relationships, both inside and outside of KPMG
• Coaching and developing team members through sharing of experience and knowledge
• Upholding KPMG’s values by acting with integrity

The Person

• External and internal audit in the context of IT. Track record of ability to assess complex business and IT processes and identify risks and controls, to relate them to the wider business environment and providing advice to clients.
• Supporting managers to deliver a portfolio of complex IT and business control engagements for clients including planning, overseeing delivery, reporting and escalation of issues as necessary.
• Leading teams of analysts and coaching junior colleagues in the context of IT Risk & Controls.
• Expertise in IT General Controls and understanding of industry frameworks like COBIT, NIST
• Understanding of one or more business processes such as finance, procurement, customer and supply chain
• Understanding of security control principles like Segregation of Duties and Sensitive Access.
• Recognising the importance of continuous self and team development.
• Building and managing strong client relationships across a range of clients.
• Developing internal networks and maintaining strong relationships with colleagues across KPMG in the wider Advisory areas.
• Contributing to practice management, e.g. innovation, training, knowledge management.
• A good understanding of SAP, Oracle, data analytics and/or GRC technology platforms (desirable).

Using a wide variety of technical and sector-specific skills, KPMG's Risk and RDT Consulting group proactively helps transform clients to increase profits whilst reducing reputational, operational, financial and other risks. We are experienced in managing diverse issues including fraud, regulatory compliance, risk frameworks and modelling, capital efficiency, corporate governance, dispute resolution, deriving value from contracts and much more.
Technology - Our clients need to deal effectively with technology related risks and derive maximum value from automation, data and digital technology. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.

The Team

Joining KPMG means joining a talented team of exceptional colleagues who bring innovative thoughts and a natural curiosity to the work they do each day. No one type of person succeeds at KPMG; a diverse business requires diverse personalities, characters and perspectives. There really is a place for you here.

Technology Risk Consulting is a rapidly growing department. Our services are of both an assurance and advisory nature and include IT Security and Risk Management, IT Internal Audit, 3rd Party risk, ERP Controls and Risk and Controls Transformation.
Within the Technology Risk Consulting team, a large amount of our work involves providing assurance, advice and attestation to clients on their IT systems and processes, IT risks, IT general controls and IT projects.

The Role

• Help our clients navigate through complex risk and control requirements in highly regulated environments (particularly Sarbanes-Oxley)
• Provide advice on risk management, IT transformation and IT audit for our clients
• Supporting managers to deliver large, complex engagements
• Developing constructive client relationships, both inside and outside of KPMG
• Coaching and developing team members through sharing of experience and knowledge
• Upholding KPMG’s values by acting with integrity

The Person

• External and internal audit in the context of IT. Track record of ability to assess complex business and IT processes and identify risks and controls, to relate them to the wider business environment and providing advice to clients.
• Supporting managers to deliver a portfolio of complex IT and business control engagements for clients including planning, overseeing delivery, reporting and escalation of issues as necessary.
• Leading teams of analysts and coaching junior colleagues in the context of IT Risk & Controls.
• Expertise in IT General Controls and understanding of industry frameworks like COBIT, NIST
• Understanding of one or more business processes such as finance, procurement, customer and supply chain
• Understanding of security control principles like Segregation of Duties and Sensitive Access.
• Recognising the importance of continuous self and team development.
• Building and managing strong client relationships across a range of clients.
• Developing internal networks and maintaining strong relationships with colleagues across KPMG in the wider Advisory areas.
• Contributing to practice management, e.g. innovation, training, knowledge management.
• A good understanding of SAP, Oracle, data analytics and/or GRC technology platforms (desirable).

The Team

Using a wide variety of technical and sector-specific skills, KPMG's Risk & RDT Consulting group proactively helps transform clients to increase profits whilst reducing reputational, operational, financial and other risks. We are experienced in managing diverse issues including fraud, regulatory compliance, risk frameworks and modelling, capital efficiency, governance, dispute resolution, deriving value from contracts and much more.

Connected Technology - Our clients need to deal effectively with technology related risks and derive maximum value from automation, data and digital technology. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.


Joining KPMG means joining a talented team of exceptional colleagues who bring innovative thoughts and a natural curiosity to the work they do each day. No one type of person succeeds at KPMG; a diverse business requires diverse personalities, characters and perspectives. There really is a place for you here.
Within Connected Technology Risk, our Powered team perform a large amount of our work implementing ServiceNow IRM / GRC, Vendor Risk, SecOps and Resilience solutions and providing advice to clients on their GRC journey.

Our GRC projects include delivery of business cases, roadmaps, system remediation work, process re-design, implementing IRM solutions, data analysis, security solutions, compliance management and continuous controls monitoring. This work is delivered through stand-alone assignments, or as part of broader transformation programmes.
This role requires business transformation and GRC process, functional & technical knowledge with good grasp of GRC business processes, delivering projects and assurance services.

Exposure to use of ServiceNow IRM both from functional and technical perspective is essential. The successful candidate will be involved in client facing and client relationship building across primarily FS clients.

The Role

•Actively identifying and progressing ServiceNow IRM / GRC business development opportunities, as well as managing sales activities such as responding to RFPs, bid management, proposal writing and client presentations.
•Lead multiple client engagements.
•Understand GRC related client issues across different sectors i.e. Banking, Insurance and Asset Management.
•Responsibility for the overall output from GRC client engagements. This includes providing services to implement GRC and transform client’s operation covering core areas namely risk management, regulatory management, controls monitoring and access control.
•A working knowledge of business transformation programmes and supporting methodologies.
•A deep understanding of ServiceNow IRM / GRC technology, both functionally and technically
•Lead teams and follow KPMG methodologies to deliver excellent GRC services.
•Scoping, financial management, managing delivery risk, production and review of deliverables.
•Building and managing excellent client relationships across a range of clients.
•Developing internal networks and maintaining excellent relationships with colleagues across KPMG.
•Contributing to innovation and practice management, e.g. new services, training, knowledge management.
•Coaching and developing team members both as part of our overall Performance Management process or on specific engagements.
•Ability to present on specific subjects to a large group of people.
•Ability to identify and assess complex GRC programmes, to relate them to the wider business environment and to express opinions clearly to all levels of management.

The Person
•Proven experience of successfully architecting, integrating, managing and delivering GRC services (including implementations, creating business cases and roadmaps, assurance reviews and maturity assessments) to medium/large, multi-national clients.
•Experience in certain key sectors e.g. Banking, Insurance and Asset Management.
•Ability to align client and sector specific issues to our GRC services.
•Delivered or involved in a number of GRC engagements which have included a ServiceNow IRM / GRC technology workstream and implementation.
•Experience in transformation and business change programmes.
•Understand the waterfall and agile methodologies for implementing ServiceNow IRM and the deliverables required at each stage
•Advising clients that operate GRC solutions on business benefits, solution fit and typical challenges.
•Knowledge of key GRC solutions (for example Metricstream, Archer, OpenPages, Galvanize, SAP GRC).
•Process expertise in GRC areas e.g. risk management, compliance & regulation, controls automation, third party risk, audit management, continuous controls monitoring and security.
•Experience of using GRC related data analysis tools.
•Familiarity with regulatory compliance models and standards.
•Great relationship/stakeholder management skills at all levels.
•Proven communication and presentation skills.
• “Big 4” professional services or dynamic IT consultancy environment experience.

Qualifications
Certified Implementation Specialist – Risk & Compliance
Certified Implementation Specialist – Vendor Risk (Desirable)
Prince II, MSP or PMI qualified (Desirable)
MBA (Desirable)
Degree/masters qualification in IT (Desirable)
Demonstrated commercial experience in
• GRC Solution Certifications (Desirable)
• IT Assurance Qualifications CISA (Desirable)